Other formats:
BibTeX
LaTeX
RIS
@article{1420834,
  author = {Ghafir, Ibrahim and Přenosil, Václav and Hammoudeh, Mohammad and Baker, Thar and Jabbar, Sohail and Khalid, Shehzad and Jaf, Sardar},
  article_number = {June},
  doi = {http://dx.doi.org/10.1109/ACCESS.2018.2846740},
  keywords = {critical infrastructure security; healthcare cyber attacks; malware; botnet; command and control server; intrusion detection system; alert correlation},
  language = {eng},
  issn = {2169-3536},
  journal = {IEEE Access},
  title = {BotDet: A System for Real Time Botnet Command and Control Traffic Detection},
  url = {https://ieeexplore.ieee.org/document/8384239/},
  volume = {6},
  year = {2018}
}
TY  - JOUR
ID  - 1420834
AU  - Ghafir, Ibrahim
AU  - Přenosil, Václav
AU  - Hammoudeh, Mohammad
AU  - Baker, Thar
AU  - Jabbar, Sohail
AU  - Khalid, Shehzad
AU  - Jaf, Sardar
PY  - 2018
TI  - BotDet: A System for Real Time Botnet Command and Control Traffic Detection
JF  - IEEE Access
VL  - 6
IS  - June
SP  - 38947-38958
EP  - 38947-38958
PB  - IEEE Xplore Digital Library
SN  - 21693536
KW  - critical infrastructure security
KW  - healthcare cyber attacks
KW  - malware
KW  - botnet
KW  - command and control server
KW  - intrusion detection system
KW  - alert correlation
UR  - https://ieeexplore.ieee.org/document/8384239/
L2  - https://ieeexplore.ieee.org/document/8384239/
N2  - Over the past decade, the digitization of services transformed the healthcare sector, leading to a sharp rise in cybersecurity threats. Poor cybersecurity in the healthcare sector, coupled with the high value of patient records, attracted the attention of hackers. Sophisticated advanced persistent threats and malware have significantly contributed to increasing risks to the health sector. Many recent attacks are attributed to the spread of malicious software, e.g., ransomware or bot malware. Machines infected with bot malware can be used as tools for remote attack or even cryptomining. This paper presents a novel approach, called BotDet, for botnet Command and Control (C&C) traffic detection to defend against malware attacks in critical infrastructure systems. There are two stages in the development of the proposed system: (i) we have developed four detection modules to detect different possible techniques used in botnet C&C communications; (ii) we have designed a correlation framework to reduce the rate of false alarms raised by individual detection modules. Evaluation results show that BotDet balances the true positive rate and the false positive rate with 82.3% and 13.6% respectively. Furthermore, it proves BotDet capability of real time detection.
ER  -
GHAFIR, Ibrahim, Václav PŘENOSIL, Mohammad HAMMOUDEH, Thar BAKER, Sohail JABBAR, Shehzad KHALID and Sardar JAF. BotDet: A System for Real Time Botnet Command and Control Traffic Detection. \textit{IEEE Access}. IEEE Xplore Digital Library, 2018, vol.~6, June, pp.~38947-38958. ISSN~2169-3536. Available from: https://dx.doi.org/10.1109/ACCESS.2018.2846740.